File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes Tomcat & Multiple SSL Certificates Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat & Multiple SSL Certificates" Watch "Tomcat & Multiple SSL Certificates" New topic
Author

Tomcat & Multiple SSL Certificates

Isaac Martinez
Greenhorn

Joined: May 08, 2006
Posts: 1
Goal: Intall two SSL certificates in the same server, but working for two
different IP addresses and domains.

I have:
- One server running Tomcat 5.5 over Windows.
- Two IP addresses.
- Two domains, one for each IP address.
- Two SSL certificates one for each domain.
- A keystore and alias for each certificate.

I think I need to configure two hosts (or virtual hosts, what's the
difference between these?), and setup two HTTPS connectors with IP based
scheema.

I tried using the following configuration:

<Service name="Catalina">
...
<Connector port="80" maxThreads="300" minSpareThreads="25"
maxSpareThreads="75" enableLookups="true" acceptCount="100"
redirectPort="443" connectionTimeout="20000"
disableUploadTimeout="true" />

<Connector port="443" name="72.3.245.1"
maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true" useIPVHosts="tru"
scheme="https" secure="true" clientAuth="false"
keystoreFile="D:/jdk1.5.0_02/bin/key1"
keystorePass="pass1" sslProtocol = "TLS" />

<Connector port="443" name="72.32.93.2"
maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true" useIPVHosts="true"
scheme="https" secure="true" clientAuth="false"
keystoreFile="D:/jdk1.5.0_02/bin/key2"
keystorePass="pass2" sslProtocol = "TLS" />

<Connector port="8009"
enableLookups="false" redirectPort="443" protocol="AJP/1.3" />

<Engine name="Catalina" defaultHost="localhost">

...

<Host name="72.3.245.1" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>

<Host name="72.3.245.2" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
...

</Engine>
...

</Service>


It didn't work at all, I have the first certificate on the first IP working.
But the second certificate just don't work because it gets the first
certificate not the second, so the domains don't match.

Any help on this is welcome, thank you.

Isaac Mart´┐Żnez Hatch
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12678
    
    5
I've never done a configuration like that, but:

That does not match either of the virtual hosts - where did it come from?
Bill
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Tomcat & Multiple SSL Certificates
 
Similar Threads
Different log files for different services in tomcat
[Update - Success] Adding SSL certificate to Server.xml
SSL implementation problem-keystore file not found
SSL + Servlet
Tomcat manager not opening